The possibility that cyber aggression may become an aspect of the confrontation with North Korea raises the question of how well a centerpiece of U.S. cybersecurity policy, namely information sharing between government and the private sector, is actually working.

The major piece of cyber legislation passed in recent years by Congress, the Cybersecurity Act of 2015, made such sharing a national priority and ordered the Department of Homeland Security to carry out programs to ease the flow of critical and sometimes classified information between federal agencies and key industries such as the electricity sector.

The situation with North Korea is focused on that country's nuclear weapons activities, but Pyongyang is also a well-known aggressor in cyberspace.

"I think there is a general awareness that the current geopolitical situation impacts the cyber threat environment," said an industry source active in info-sharing efforts between government and the private sector. "In cyberspace, the key here is understanding the capabilities of the adversary. Studying different attacks they have been involved in will show the actor's methods, tendencies and interests."

Getting that information into the hands of cyber professionals working to defend infrastructure is key, and that in turn puts a spotlight on how well DHS's info-sharing efforts are working.

DHS created an Automated threat Indicator Sharing program, or AIS, in response to mandates in the 2015 law, and that system has made major strides following some early technical difficulties, according to a source familiar with the department's operations.

But an industry source closely involved in collaborative efforts with DHS said that more sophisticated companies and groups need access to higher quality cyber intelligence than is being shared through the program, particularly during international crises.

"AIS is a good program, particularly for new entrants in cyber info-sharing," the source said. But entities that are already engaged in highly sophisticated info-sharing, such as those in the financial sector, "are not getting the information they need," the source said. "We need a separate system for high-skilled groups to get the kind of high-end, sensitive information they need."

In response, a DHS spokesman praised industry's willingness to collaborate and said the department values such input. "Input from our partners is essential in ensuring that AIS helps our public and private sector stakeholders manage cybersecurity risk and DHS will continue this essential collaboration," the spokesman said.

The spokesman said, "Now that AIS has a solid base, [DHS] is focused on increasing the number of industry participants that submit cyber threat indicators into it. We are helping interested organizations work through any technical, resource or cultural challenges."

Sources from government and industry groups were extremely reluctant to discuss any specific cybersecurity activities taking place around the current North Korea situation.

But one source who works in a critical-infrastructure sector said the industry-DHS partnership is "sound" and added, "The right people are taking notice [of the current threat environment] and are preparing for it."

It seems likely, multiple sources said, that various potential adversaries in cyberspace are probing U.S. systems for vulnerabilities as well as intelligence in this moment of heightened international tension.

Those tensions may abate in the coming weeks, but in the meantime, various structures developed to deal with a cyber crisis, such as the DHS info-sharing system, could get an illuminating real-world workout.

Charlie Mitchell is editor of, an exclusive service covering cybersecurity policy from Inside Washington Publishers, and author of "Hacked: The Inside Story of America's Struggle to Secure Cyberspace," published by Rowman and Littlefield.